Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings, of claims in the application: 
Listing of Claims:

1. (Currently Amended) A system for secure data storage and retrieval comprising: 
a network-attached storage device for storing encrypted data;

means at a client device for encrypting data prior to sending data blocks to said network-
attached storage device, said encrypting means protecting confidentiality and integrity of data
blocks sent to said network-attached storage device;

means at said client device for generating an integrity value corresponding to one or more
data blocks, said integrity value comprising information for preventing modification, relocation
and replay of data for each data block sent to said network-attached storage device;

means for storing said integrity value of one or more data blocks, said means for storing
further including means for generating an integrity tree structure, said integrity tree structure
storing integrity values corresponding to each disk block written to said storage device, wherein
said integrity tree comprises a hierarchical data structure, said hierarchical data structure
including two or more layers of integrity data structures, each successive layer of integrity data
structures including meta-data protecting integrity of data at an immediate prior layer, wherein a
top layer of said hierarchical data structure includes a root data structure for protecting integrity
of all content written to said storage device, and said root data structure is stored on the client
device where said integrated value and said root data structure is generated;

means at said client device for receiving and decrypting data blocks received from said
network-attached storage device; and,

means for performing an integrity check at said client device utilizing stored integrity
value corresponding to one or more said data blocks received from said network-attached storage
device, wherein said integrity check protects the integrity of data blocks stored in said network-
attached storage device, wherein contents of said integrity tree are updated and verified on said
client device.

2. (Original) The system as claimed in Claim 1, wherein said encryption means generate
encrypted cipher text data blocks that are a function of plaintext data included in said data block
and a first encryption key.

3. (Original) The system as claimed in Claim 2, wherein said encryption means 
implements a whitening value which is a function of a second encryption key, an address 
location for said storage block, and a version number indicating a block write increment, said 
encryption means further generating cipher text data blocks that are additionally a function of 
said whitening value. 

4. (Original) The system as claimed in Claim 2, wherein said encryption means employs 
an algorithm including one selected from DES or AES encryption schemes.

5. (Canceled) 

6. (Canceled) 

7. (Previously Presented) The system as claimed in Claim 3, wherein said hierarchical 
data structure includes said written encrypted data blocks at a first layer, and a succeeding layer 
of meta-data blocks, each meta-data block including data structures representing a plurality of 
disk blocks written at said first layer, each meta-data block data structure comprising an integrity 
value and a version number pair for each of said plurality of disk blocks.

8. (Original) The system as claimed in Claim 7, wherein said integrity tree includes a
succeeding layer of higher level meta-data blocks for protecting a layer of meta-data blocks
below, each higher level meta-data block comprising data structures representing a plurality of
meta-data blocks, each higher level meta-data block data structure comprising an integrity value
and version number pair generated for each of said plurality of meta-data blocks.

9. (Canceled) 

10. (Previously Presented) The system as claimed in Claim 3, further comprising means
for writing a data block to said storage device, said writing comprising means for updating a
written data block's version number and checksum in the associated meta-data blocks, wherein
updates to checksum and version number values are performed at each successive meta-data 
layer corresponding to said written data block, including updating performed at said root data 
structure. 

11. (Previously Presented) The system as claimed in Claim 3, wherein said means for
performing an integrity check comprises means comparing integrity of data blocks to be read on
a path from said root data structure via successive higher meta-data blocks and meta-data block
layers until a desired data block at a first layer is read. 

12. (Original) The system as claimed in Claim 1, wherein said storage device comprises
a non-volatile or volatile storage device. 

13. (Original) The system as claimed in Claim 1, wherein said storage device is remotely 
located from said client device, said encrypted blocks being written across a network link. 

14. (Currently Amended) A method for secure data storage and retrieval comprising the 
steps of: 

a) encrypting data to be sent from a client device to a network-attached storage
device for storing encrypted data, said encrypting utilizing an encryption scheme capable of
protecting individual data blocks against modification, relocation and replay for each data block
sent to said network-attached storage device;

b) generating at said client device an integrity value corresponding to one or more
sent data blocks, said integrity value comprising information for preventing modification of data
for each data block sent to said storage device;

c) storing said integrity value of one or more written data blocks, further including
generating an integrity tree structure for storing integrity values corresponding to each disk block
written to said storage device wherein said integrity tree structure comprises a hierarchical data
structure, said hierarchical data structure including two or more layers of integrity data
structures, each successive layer of integrity data structures including meta-data protecting
integrity of data at an immediate prior layer, generating a root data structure at a top layer of said
hierarchical data structure for protecting integrity of all content written to said storage device and
storing said root data structure on the client device where said integrated value and said root data
structure is generated;

d) decrypting the encrypted data accessed from said network-attached storage
device; and,

e) performing an integrity check utilizing said stored integrity values corresponding
to one or more stored data blocks being accessed, said integrity check protecting the integrity of
contents stored in said network-attached storage device, wherein contents of said integrity tree
are updated and verified on said client device.

15. (Original) The method as claimed in Claim 14, wherein said encrypting data step a)
includes generating encrypted cipher text data blocks that are a function of plaintext data
included in said data block and a first encryption key.

16. (Original) The method as claimed in Claim 15, wherein said encrypting data step a)
further includes generating a whitening value as a function of a second encryption key, an
address location for said storage block, and a version number indicating a block write, and the
generation of cipher text data blocks that are a function of said whitening value.

17. (Original) The method as claimed in Claim 15, wherein said encrypting step a)
further employs an algorithm including one selected from DES or AES encryption schemes.

18. (Canceled) 

19. (Canceled) 

20. (Previously Presented) The method as claimed in Claim 14, further comprising the
step of: writing encrypted data blocks at a first layer of said hierarchical data structure, and
writing a succeeding layer of meta-data blocks, each meta-data block including data structures
representing a plurality of disk blocks written at said first layer, each meta-data block data
structure comprising an integrity value and a version number pair for each of said plurality of
disk blocks. 

21. (Original) The method as claimed in Claim 20, further comprising the step of:
writing a succeeding layer of higher level meta-data blocks for protecting a layer of meta-data
blocks below, each higher level meta-data block comprising data structures representing a
plurality of meta-data blocks, each higher level meta-data block data structure comprising an
integrity value and version number pair for each of said plurality of meta-data blocks. 

22. (Canceled) 

23. (Previously Presented) The method as claimed in Claim 21, further comprising the 
steps of: writing a data block to said storage device, said writing including updating a written
data block's version number and the integrity value in the associated meta-data blocks, and, said
integrity value and version number value updating being performed at each successive meta-data
layer corresponding to said written data block, including updating performed at said root data 
structure. 

24. (Previously Presented) The method as claimed in Claim 21, further comprising
step of: reading a data block from said storage device, said step e) of performing an integrity
check including comparing integrity of data blocks to be read on a path from said root data 
structure via successive meta-data block layers until a desired data block is read from said first 
layer of said hierarchical data structure. 

25. (Currently Amended) A program storage device readable by a machine, tangibly
embodying a program of instructions executable by the machine to perform method steps for
securely storing and accessing data, said method steps comprising the steps of:

a) encrypting data to be sent from a client device to a network-attached storage device for 
storing encrypted data, said encrypting utilizing an encryption scheme capable of protecting 
individual data blocks against modification, relocation and replay for each data block sent to said
storage device; 

b) generating at said client device an integrity value corresponding to one or more sent 
data blocks, said integrity value comprising information for preventing modification of data for 
each data block sent to said network-attached storage device; 

c) storing said integrity values of one or more sent data blocks further including 
generating an integrity tree structure for storing integrity values corresponding to each disk block
written to said storage device, said integrity tree structure comprising a hierarchical data
structure including two or more layers of integrity data structures, each successive layer of
integrity data structures including meta-data protecting integrity of data at an immediate prior
layer, generating a root data structure at a top layer of said hierarchical data structure for
protecting integrity of all content written to said storage device and storing said root data
structure on the client device where said integrated value and said root data structure is
generated;

d) decrypting the encrypted data accessed from said network-attached storage device;
and,

e) performing an integrity check utilizing said stored integrity values corresponding to
one or more stored data blocks being accessed, said integrity check protecting the integrity of
contents stored in said network-attached storage device, wherein contents of said integrity tree
are updated and verified on said client device. 

26. (Original) The program storage device readable by a machine as claimed in Claim
25, wherein said encrypting data step a) includes generating encrypted cipher text data blocks 
that are a function of plaintext data included in said data block and a first encryption key. 

27. (Original) The program storage device readable by a machine as claimed in Claim
25, wherein said encrypting data step a) further includes generating a whitening value as a
function of a second encryption key, an address location for said storage block, and a version
number indicating a block write increment, said encrypting step generating cipher text data
blocks that are additionally a function of said whitening value.

28. (Canceled)

29. (Previously Presented) The program storage device readable by a machine as claimed 
in Claim 27, further comprising the step of: writing encrypted data blocks at a first layer of said
hierarchical data structure, and writing a succeeding layer of meta-data blocks, each meta-data
block including data structures representing a plurality of disk blocks written at said first layer,
each meta-data block data structure comprising an integrity value and a version number pair for
each of said plurality of disk blocks.

30. (Previously Presented) The program storage device readable by a machine as 
claimed in Claim 29, further comprising the steps of: writing a succeeding layer of higher level 
meta-data blocks for protecting a layer of meta-data blocks below, each higher level meta-data 
block comprising data structures representing a plurality of meta-data blocks, each higher level
meta-data block data structure comprising an integrity value and version number pair for each of
said plurality of meta-data blocks. 

31. (Previously Presented) The program storage device readable by a machine as 
claimed in Claim 30, further comprising the steps of: writing a data block to said storage device, 
said writing including updating a written data block's version number and the integrity value in 
the associated meta-data blocks, and, said integrity value and version number value updating 
being performed at each successive meta-data layer corresponding to said written data block,
including updating performed at said root data structure. 

32. (Original) The program storage device readable by a machine as claimed in Claim 
30, further comprising the step of: reading a data block from said storage device, said step e) of
performing an integrity check including comparing integrity of data blocks to be read on a path
from said root data structure via successive meta-data block layers until a desired data block is
read from said first layer of said hierarchical data structure. 

33. (Currently Amended) A system for secure data storage and retrieval comprising:
a network-attached storage device for storing encrypted data;

a client device operable to encrypt data prior to sending data blocks to said network-
attached storage device, said client device operable to protect confidentiality and integrity of data
blocks sent to said network-attached storage device;

a processor at said client device operable to generate an integrity value corresponding to
one or more data blocks, said integrity value comprising information for preventing
modification, relocation and replay of data for each data block sent to said network-attached
storage device;

the processor further operable to store said integrity value of one or more data blocks,
said processor further operable to generate an integrity tree structure, said integrity tree structure
storing integrity values corresponding to each disk block written to said storage device, wherein
said integrity tree comprises a hierarchical data structure, said hierarchical data structure
including two or more layers of integrity data structures, each successive layer of integrity data
structures including meta-data protecting integrity of data at an immediate prior layer, wherein a
top layer of said hierarchical data structure includes a root data structure for protecting integrity
of all content written to said storage device, and said root data structure is stored on the client
device where said integrated value and said root data structure is generated;

the client device further operable to receive and decrypt data blocks received from said
network-attached storage device; and,

the client device further operable to perform an integrity check at said client device
utilizing stored integrity value corresponding to one or more said data blocks received from said
network-attached storage device, wherein said integrity check protects the integrity of data 
blocks stored in said network-attached storage device, wherein contents of said integrity tree are 
updated and verified on said client device. 
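
The following sketch is an added illustration and is not part of the filed claims or of the applicant's implementation: it models the claimed integrity tree with one meta-data layer of (integrity value, version number) pairs and a root kept on the client, so that modified, relocated or replayed blocks fail the read-path check. The HMAC-SHA256 integrity function, the `FANOUT` value and all class and function names are assumptions; encryption and whitening are omitted and blocks are treated as already-encrypted ciphertext.

```python
import hashlib, hmac

FANOUT = 4  # data blocks covered by one meta-data block (assumed value)

class IntegrityError(Exception):
    pass

def tag(key, *parts):
    """HMAC-SHA256 over length-prefixed parts (assumed integrity function)."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        b = p if isinstance(p, bytes) else str(p).encode()
        h.update(len(b).to_bytes(4, "big") + b)
    return h.digest()

class Client:
    def __init__(self, key, nblocks):
        self.key = key
        # Untrusted storage: first layer (ciphertext blocks) and meta-data layer.
        self.nas_data = [b""] * nblocks
        self.nas_meta = [[(tag(key, "data", a, 0, b""), 0) for a in range(m, m + FANOUT)]
                         for m in range(0, nblocks, FANOUT)]
        # Trusted client state: root holds one (value, version) pair per meta-data block.
        self.root = [(self._meta_tag(m, 0), 0) for m in range(len(self.nas_meta))]

    def _meta_tag(self, m, ver):
        return tag(self.key, "meta", m, ver, repr(self.nas_meta[m]))

    def _checked_meta(self, m):
        want, ver = self.root[m]
        if not hmac.compare_digest(self._meta_tag(m, ver), want):
            raise IntegrityError(f"meta-data block {m} does not match root")
        return self.nas_meta[m]

    def write(self, addr, ciphertext):
        m, i = divmod(addr, FANOUT)
        entries = self._checked_meta(m)
        ver = entries[i][1] + 1                  # block write increment
        self.nas_data[addr] = ciphertext
        # The tag binds address and version, covering relocation and replay.
        entries[i] = (tag(self.key, "data", addr, ver, ciphertext), ver)
        rver = self.root[m][1] + 1
        self.root[m] = (self._meta_tag(m, rver), rver)  # update reaches the root

    def read(self, addr):
        m, i = divmod(addr, FANOUT)
        want, ver = self._checked_meta(m)[i]     # path: root -> meta-data -> data
        ciphertext = self.nas_data[addr]
        if not hmac.compare_digest(tag(self.key, "data", addr, ver, ciphertext), want):
            raise IntegrityError(f"data block {addr} failed its integrity check")
        return ciphertext
```

Restoring an old data block together with its old meta-data block still fails, because the root on the client carries the newer version and integrity value.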